Sun's TTSESSION Vulnerability

From: Bauer, Rich (rbauerat_private)
Date: Wed Sep 29 1999 - 06:12:19 PDT

Next message: Alesh Mustar: "Re: [EuroHaCk] Linux 2.2.x ISN vulnerability (fwd)"

Previous message: Roy Hills: "NT Predictable Initial TCP Sequence numbers: SP5 update"
Next in thread: Richard L. Goerwitz: "Re: Sun's TTSESSION Vulnerability"
Reply: Richard L. Goerwitz: "Re: Sun's TTSESSION Vulnerability"
Reply: Charlie Giannetto: "Re: Sun's TTSESSION Vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

One of our systems administrators recently told us that Sun's fix for the
TTSESSION vulnerability (running ttsession with DES) prohibits root from
using CDE in an NISPLUS environment, and prohibits any user from using CDE
in a stand-alone environment.  Is there a patch forthcoming or some other
work-around that doesn't have these limitations ?

Next message: Alesh Mustar: "Re: [EuroHaCk] Linux 2.2.x ISN vulnerability (fwd)"
Previous message: Roy Hills: "NT Predictable Initial TCP Sequence numbers: SP5 update"
Next in thread: Richard L. Goerwitz: "Re: Sun's TTSESSION Vulnerability"
Reply: Richard L. Goerwitz: "Re: Sun's TTSESSION Vulnerability"
Reply: Charlie Giannetto: "Re: Sun's TTSESSION Vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:05:45 PDT